Google’s DNS over HTTPS encryption plan faces scrutiny from ISPs and Congress

On September 29, the House Judiciary Committee scrutinized Google’s plans for using DNS over HTTPS (DoH) “because of concerns that it could give the company a competitive advantage by making it harder for others to access consumer data,” The Wall Street Journal reported. Congress is investigating Google’s move to encrypt DNS requests over claims that the switchover could stifle competition, the WSJ further mentions.

In a September 13 letter, the Judiciary Committee asked Google for details about its “decision regarding whether to adopt or promote the adoption” of the protocol. Further, in a letter written to Congress on September 19, Big Cable and other telecom industry groups said that DNS over HTTPS “could interfere on a mass scale with critical Internet functions, as well as raise data-competition issues.”

In an email to Ars Technica, Google wrote, “Google has no plans to centralize or change people’s DNS providers to Google by default. Any claim that we are trying to become the centralized encrypted DNS provider is inaccurate.”

Google laid out this DNS-over-HTTPS upgrade experiment in a blog post published on September 10. Starting with version 78, Chrome will begin experimenting with the new DoH feature. Under the experiment, Chrome will “check if the user’s current DNS provider is among a list of DoH-compatible providers, and upgrade to the equivalent DoH service from the same provider,” Google wrote. “If the DNS provider isn’t in the list, Chrome will continue to operate as it does today.”

According to WSJ, “The new standard would encrypt internet traffic to improve security, which could help prevent hackers from snooping on websites, and from spoofing—faking an internet website to obtain a consumer’s credit card information or other data.” However, it could also alter the internet’s competitive landscape, cable and wireless companies said.

“They fear being shut out from much of user data if browser users move wholesale to this new standard, which many internet service providers don’t currently support. Service providers also worry that Google may compel its Chrome browser users to switch to Google services that support the protocol, something Google said it has no intention of doing,” The WSJ reports.

Mozilla plans a more aggressive DoH rollout for its users

Mozilla is also planning a more aggressive rollout of the technology by gradually shifting all of its users to DoH—whether or not their existing DNS provider supports it. The shift will make Cloudflare the default DNS provider for many Firefox users, regardless of the DNS settings of the underlying OS. In July, Mozilla said that it “wouldn’t enable DoH by default in the UK, where ISPs are planning to use DNS to implement legally mandated porn filtering,” Ars Technica reports.

Mozilla sees the antitrust concerns raised about Google as “fundamentally misleading,” according to Marshall Erwin, Mozilla’s senior director of trust and safety. Service providers are raising these concerns to undermine the new standard and ensure that they have continued access to DNS data, he said.

The adoption of DoH would limit ISPs’ ability to both monitor and modify customer queries. However, ISPs will still be able to monitor the queries of customers who use the ISP’s own DNS servers. “If customers switched to third-party DNS servers—either from Google or one of its various competitors—then ISPs would no longer have an easy way to tell which sites customers were accessing. ISPs could still see which IP addresses a customer had accessed, which would give them some information—this can be an effective way to detect malware infections,” according to Ars Technica.

The Sept. 19 letter to lawmakers said, “Because the majority of world-wide internet traffic…runs through the Chrome browser or the Android operating system, Google could become the overwhelmingly predominant DNS lookup provider.” “Google would acquire greater control over user data across networks and devices around the world. This could inhibit competitors and possibly foreclose competition in advertising and other industries.”

The ISPs urged the lawmakers to call on Google not to impose the new standard as a default standard in Chrome and Android.

A few stakeholders also said that the new system could harm security by bypassing parental controls and filters that have been developed under the current, unencrypted system, the WSJ said.

For more details, read The Wall Street Journal’s exclusive coverage.